-
+13 +1
200 malicious Android and iOS apps draining bank accounts — check your phone now
If you need another reminder to be careful when downloading new apps for your devices, a new batch of malicious apps has been discovered stealing both data and money from unsuspecting users. As reported by Laptop Mag(opens in new tab), these 203 malicious iOS and Android apps were first discovered by Thailand’s Ministry of Digital Economy and Society (DES) and the UK’s National Cyber Security Centre (NCSC).
-
+21 +1
US federal agencies required to adopt post-quantum security, private sector advised to follow
In an era of quantum computing "arms race", it is time to transition to quantum-safe systems.
-
+24 +1
Redis Cloud Introduces Short-Lived TLS Certificates
We’re changing some of our security practices. Here is what you need to know to ensure a smooth transition.
-
+9 +1
The US government is once again threatening to ban TikTok. What you should know
Nearly two-and-a-half years after the Trump administration threatened to ban TikTok in the United States if it didn't divest from its Chinese owners, the Biden administration is now doing the same.
-
+4 +1
A ransomware gang claims it has breached Ring and is threatening to leak data
A popular ransomware operator claims to have compromised Ring, the Amazon-owned company that builds smart doorbells with cameras. A new report on Vice’s Motherboard states that the group known as ALPHV, popular for its use of the BlackCat encryptor malware, added a new entry to its leak site, next to which is Ring’s logo.
-
+31 +1
Opinion: My data got leaked in Indigo’s ransomware attack, years after I left. We need better cybersecurity rules
It has become clear that there is little clarity in the law about the obligations an employer owes to its current and former employees
-
+4 +1
Should You Pay for Antivirus Software? These Experts Say No
A device’s built-in security is often enough, but stay on top of updates, passwords
-
+4 +1
White House releases ambitious cyber strategy calling for more regulation of vulnerable sectors
The White House on Thursday released an ambitious national cybersecurity strategy that calls for new federal regulation of vulnerable critical infrastructure firms and for software makers to be held liable when their products leave gaping holes for hackers to exploit.
-
+32 +1
Reddit Says It Was Hacked But That You Don't Need to Worry. Probably.
The social media site says that a phishing incident led to the theft of company data but that user data is safe. Reddit says that it was hacked earlier this month, in a security incident that compromised some company data. However, the company says that Redditors have no need to fear because user data was not impacted by the episode—at least, that the company knows of...“so far.”
-
+16 +1
Reddit says hackers accessed internal data following employee phishing attack
Reddit has confirmed hackers accessed internal documents and source code following a “highly-targeted” phishing attack. A post by Reddit CTO Christopher Slowe, or KeyserSosa, explained that on February 5 the company became aware of the “sophisticated” attack targeting Reddit employees. He says that an as-yet-unidentified attacker sent “plausible-sounding prompts,” which redirected employees to a website masquerading as Reddit’s intranet portal in an attempt to steal credentials and two-factor authentication tokens.
-
+16 +1
Apple's End-to-End iCloud Could Be a Security Game Changer
Finally end-to-end encryption comes to iCloud. The system can be a bit buggy, but promises a substantial security upgrade. The cloud has always been a convenient place to store your files, but a hostile place for security. With your files backed up on a company’s servers somewhere, they are at risk to demands from authorities to access them, or hackers that may break into the company’s infrastructure.
-
+22 +1
U.S. No Fly list shared on a hacking forum, government investigating
A U.S. No Fly list with over 1.5 million records of banned flyers and upwards of 250,000 'selectees' has been shared publicly on a hacking forum. BleepingComputer has confirmed the list is the same TSA No Fly list that was discovered recently on an unsecured CommuteAir server.
-
+34 +1
The 5 best mobile VPNs of 2023
With many using mobile apps for financial transactions, emails, and social networking, the best mobile VPNs of 2023 can ensure your information remains yours.
-
+21 +1
What Trouble Awaits Cloud Native Security in 2023?
Lots. And, bad news, kids, it will not be easy to manage.
-
+22 +1
Major security flaws found in Mercedes, Ferrari and other top luxury cars
Major security flaws have been found in Mercedes, Ferrari, and other top luxury cars which could have allowed threat actors to steal the owners’ personally identifiable information, track their vehicles, and in some cases - even unlock and start the cars. Almost two-dozen car brands were affected by the flaws, including top brands such as BMW, Roll Royce, Mercedes-Benz, Ferrari, Porsche, Jaguar, Land Rover, Ford, KIA, Honda, Infiniti, Nissan, Acura, Hyundai, Toyota, and Genesis.
-
+20 +1
Anker’s Eufy deleted these 10 privacy promises instead of answering our questions
It’s been two weeks since we reported that Anker’s Eufy lied to us about the security of its security cameras, and we’ve been pushing the company for answers ever since. But the company hasn’t answered a single one of our questions — in fact, I haven’t gotten a single reply since December 1st. Today, on a whim, I thought I’d take a peek at Eufy’s website... maybe find some answers there? Instead, I found that Anker has quietly scrubbed all of its most promising privacy promises from its “privacy commitment” page. It got nerfed — hard.
-
Analysis+13 +1
People Still Think Their Smart Speakers Are Eavesdropping on Conversations
In short, they’re not. But a new Chubb report finds increasing cyber anxiety, as well as people clinging to bad security habits. (Seriously, that ‘keepsake password’ has to go.)
-
+24 +1
Passkeys—Microsoft, Apple, and Google’s password killer—are finally here
For years, Big Tech has insisted that the death of the password is right around the corner. For years, those assurances have been little more than empty promises. The password alternatives—such as pushes, OAUTH single-sign ons, and trusted platform modules—introduced as many usability and security problems as they solved. But now, we’re finally on the cusp of a password alternative that’s actually going to work.
-
+31 +1
Linux dodges serious Wi-Fi security exploits
What appeared to be one simple Linux Wi-Fi networking security problem was soon revealed to be five different nasty Wi-Fi security problems. Fortunately, the patches are on their way.
-
+27 +1
Microsoft Teams has been storing authentication tokens in plaintext
Microsoft Teams stores authentication tokens in unencrypted plaintext mode, allowing attackers to potentially control communications within an organization, according to the security firm Vectra. The flaw affects the desktop app for Windows, Mac and Linux built using Microsoft's Electron framework. Microsoft is aware of the issue but said it has no plans for a fix anytime soon, since an exploit would also require network access.
Submit a link
Start a discussion